IN THE CLAIMS

Noting that a clean listing of claims as amended is appended hereto, please amend the claims as 
indicated in the rewritten claims listed below: 

Claim Amendments: 

1. (Canceled) 

2. (Currently amended) A method for verifying computer instructions in a
computer that includes at least one processor that executes instructions stored in a memory,
the memory being organized into separately addressable memory blocks, the method comprising:

identifying a next instruction to be executed when executing a series of instructions;

for the next instruction, determining an identifying value for a memory
block that contains the next instruction;

determining whether the identifying value satisfies a validation condition, wherein the
determining as to whether the identifying value satisfies the validation condition requires
comparing the identifying value of the memory block with a set of reference values;

allowing execution of the next instruction by the processor when the identifying value
satisfies [[a]] the validation condition;

generating a response when the identifying value does not satisfy the validation
condition;

whereby the next instruction is verified dynamically before being executed.

3. (Currently amended) The method of claim 2, wherein
the validation condition is that the identifying value of the memory block matches any
reference value in the set of reference values.



4. (Currently amended) The method of claim 2,
wherein the validation condition is that the identifying value of the memory
block differs from each reference value in the set of reference values.



5. (Canceled) 



6. (Currently amended) A method for verifying computer instructions in a computer
that includes at least one processor that executes instructions stored in memory, the memory
being organized into separately addressable memory blocks, the method comprising:

for at least one current instruction that has been identified for submission to the processor
for execution, computing a hash value as a function of a sub-set of contents of a current memory
block that contains the current instruction;

determining whether the hash value satisfies a validation condition by comparing the hash
value of the current memory block with a set of reference values;

if the hash value satisfies the validation condition, allowing execution of the current
instruction by the processor;

if the hash value does not satisfy the validation condition, generating a response;

wherein the computing of the hash value comprises applying a mask to the current
memory block, the mask being a data structure that designates at least one byte of the current
memory block to be ignored in the computing of the hash value, the data structure designating
less than an entire memory block so that the hash value[[s]] is based on only part of the contents
of the current memory block[[s]].



7. (Currently amended) The method of claim 6, further comprising:

identifying potentially non-constant contents of the current
memory block, the non-constant contents being valid but
changeable so that they do not indicate validity of the
current memory block as a whole; and

configuring the mask so that the mask designates at least the non-constant contents to be
ignored when generating the hash value.



8. (Currently amended) The method of claim 2, further comprising:

for each of a plurality of the separately addressable memory blocks, indicating in a
structure whether the memory block is valid;

accessing the structure to determine whether the memory block is valid prior to the
determining of the identifying value; and

performing the determining of the identifying value when the structure does not indicate
that the memory block is valid and directly allowing execution of the next
instruction when the structure indicates that the memory block is valid.

9. (Currently amended) The method of claim 8, wherein the
structure comprises a group of hardware attribute indicators, and wherein the
indicating in the structure whether the plurality of memory blocks is validated comprises
setting one of the hardware attribute indicators,
the one hardware attribute indicator corresponding to the memory block.



10. (Original) A method as in claim 9, in which the hardware attribute indicators are
execute and write permission attributes associated with an entry in a translation lookaside buffer. 



11. (Currently amended) The method of claim 8, wherein the
structure comprises a software data structure, and wherein the indicating in the
structure whether the plurality of memory blocks is validated comprises making a corresponding
entry in the [[a]] software data structure.



12. (Currently amended) The method of claim 8, wherein
the determining of the identifying value for the memory block and
the determining of whether the identifying value
satisfies the validation condition are performed only when the structure
does not indicate that the memory block is valid, the method further comprising:

modifying the structure so that the memory block is
indicated as being valid when the identifying value satisfies the validation
condition.



13. (Currently amended) The method of claim 12, further comprising:

sensing modification of one of the memory blocks that the structure
indicates is valid and,
in response to the modification, setting its indication in the structure to
indicate that the memory block is not valid.
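
An added sketch, not part of the filing and not the applicant's implementation, of the flow recited in claims 6-7 and in claims 8, 12 and 13: a block is hashed with its masked bytes ignored, the hash is compared with reference values, a successful check is remembered per block, and any write clears that indication. The FNV-1a hash, the 64-byte block size, the sample bytes and every identifier are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#define BLOCK_SIZE 64 /* constructed; a real monitor would use the page size */
#define NUM_BLOCKS 4
enum verdict { ALLOW, RESPOND };

static uint8_t memory[NUM_BLOCKS][BLOCK_SIZE]; /* separately addressable blocks */
static uint8_t ignore_mask[BLOCK_SIZE];        /* 1 = byte left out of the hash */
static uint8_t validated[NUM_BLOCKS];          /* per-block "valid" structure */
static uint64_t reference[8];                  /* set of reference values */
static size_t n_reference;
static unsigned hash_calls;                    /* how often a block was hashed */

/* FNV-1a over the unmasked bytes only (the hash choice is an assumption). */
uint64_t masked_hash(const uint8_t *block) {
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < BLOCK_SIZE; i++) {
        if (ignore_mask[i]) continue;
        h = (h ^ block[i]) * 0x100000001b3ULL;
    }
    hash_calls++;
    return h;
}

/* Gate run before the instruction at addr is allowed to execute. */
enum verdict check_before_execute(size_t addr) {
    size_t b = addr / BLOCK_SIZE;
    if (b >= NUM_BLOCKS) return RESPOND;
    if (validated[b]) return ALLOW;            /* already valid: no rehash */
    uint64_t h = masked_hash(memory[b]);
    for (size_t i = 0; i < n_reference; i++)
        if (reference[i] == h) { validated[b] = 1; return ALLOW; }
    return RESPOND;                            /* caller terminates, suspends or alerts */
}

/* Every write is sensed and clears the block's valid indication. */
void write_byte(size_t addr, uint8_t value) {
    size_t b = addr / BLOCK_SIZE;
    if (b >= NUM_BLOCKS) return;
    memory[b][addr % BLOCK_SIZE] = value;
    validated[b] = 0;
}

/* Constructed sample: block 0 holds "code"; bytes 8..11 are a changeable field. */
void setup_demo(void) {
    uint8_t golden[BLOCK_SIZE];                /* known-good copy of the block */
    n_reference = 0; hash_calls = 0;
    for (size_t i = 0; i < BLOCK_SIZE; i++) {
        ignore_mask[i] = (i >= 8 && i < 12);
        golden[i] = (uint8_t)(i * 7 + 3);
        memory[0][i] = ignore_mask[i] ? 0xAA : golden[i]; /* differs only where masked */
    }
    validated[0] = 0;
    reference[n_reference++] = masked_hash(golden);
}

int main(void) {
    setup_demo();
    return check_before_execute(0) == ALLOW ? 0 : 1;
}
```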



14. (Currently amended) The method of claim 8, further comprising:

determining a branch history for the next instruction; and

checking whether the memory blocks in which instructions in the branch history are
located are valid, the validation condition including the requirement that each checked
memory block in the branch history is valid.



15. (Currently amended) The method of claim 2,
wherein the determining of the identifying value[[s]]
and the determining as
to whether the validation condition has been satisfied are performed only after
a triggering event occurs.



16. (Currently amended) The method of claim 15, wherein
the triggering event is the writing of at least one new unit of code or data to any physical
component within the computer.



17. (Currently amended) The method of claim 15, in which the
triggering event is an attempted execution of any instruction located on any unverified
memory block.



18. (Currently amended) The method of claim 15, wherein
the triggering event is an attempted execution of any instruction located on any unverified
memory block of newly installed software.

19. (Currently amended) The method of claim 15, further comprising
triggering the verification of the computer instructions depending on an identity of
a user of the computer, the user having caused the next
instruction to be identified for execution.

20. (Canceled) 

21. (Currently amended) The method of claim 15, further comprising triggering
dynamic verification depending on a context in which the next instruction is submitted for
execution, wherein the context is a level of security clearance
associated with the computer, a user of the computer, or a program of which the next
instruction is a part.

22. (Currently amended) The method of claim 2,
wherein the identifying of the next instruction is performed for only a sample of the
series of instructions.

23. (Currently amended) The method of claim 22, wherein
the sample is a time-sampled sub-set of the series of instructions.

24. (Currently amended) The method of claim 22, wherein
the sample is a sequentially sampled sub-set of the series of instructions.

25. (Currently amended) The method of claim 22, wherein
the sample is a sub-set of the series of instructions sampled spatially, the sampling being
over a range of memory block identifiers.

26. (Currently amended) The method of claim 2,
wherein the response comprises termination of a software entity with
which the current memory block is associated.

27. (Currently amended) The method of claim 2,
wherein the response comprises suspension of execution of a software
entity with which the current memory block is associated.

28. (Currently amended) The method of claim 2,
wherein the response comprises a message posted to a user, system
administrator, or other predetermined recipient.

29. (Currently amended) The method of claim 2, wherein:

the computer includes a virtual machine running in a direct execution mode on
an underlying hardware platform via an intermediate software layer[[,]]; and

the response comprises a
switching of the execution mode of the virtual machine from the direct execution mode to a
binary translation mode.

30. (Currently amended) The method of claim 2, wherein:

the computer includes a virtual machine running on an underlying hardware
platform via an intermediate software layer[[,]]; and

the response includes
checkpointing the state of the virtual machine.

31. (Currently amended) The method of claim 2, wherein the
response is a first possible response, the method further comprising:

associating the first possible response with the memory block;

associating a second possible different response[[s]] with a different memory
block[[s]];

upon detection of failure of the next instruction to satisfy the validation condition,
identifying which one of the possible responses is associated with the memory block, and
generating the one possible response associated with the memory block in which the next
instruction is located.



32. (Currently amended) The method of claim 2, further comprising:

associating reference values from the set of reference values with respective programs
such that each association signifies that the reference value corresponds to a memory block
storing instructions for one of the programs; and

tracking which of the respective programs is being executed within the computer
based on which of the reference values
matches the identifying value
and the association between
the matching reference value and the corresponding one of the programs.



33. (Currently amended) The method of claim 2, wherein:

the computer that includes a virtual machine (VM) running on an underlying
hardware platform via an intermediate software layer is operable to switch the virtual machine
between a direct execution mode and a binary translation mode; and

the series of instructions comprise VM-issued
instructions issued in conjunction with binary translation of any of the VM-issued instructions,
the VM-issued instructions thereby being verified.

34. (Canceled)



35. (Currently amended) A tangible medium embodying executable code executable
for dynamically verifying computer instructions being executed by a processor of a computer,
the executable code being a verification engine causing the computer to perform a method having
operations of:

identifying a next instruction to be executed when executing the series of instructions;

for the next instruction, determining an identifying value for a
memory block that contains the next instruction;

determining whether the identifying value satisfies a validation condition, wherein the
determining as to whether the identifying value satisfies the validation condition requires
comparing the identifying value of the memory block with a set of reference values;

allowing execution of the next instruction by the processor when the identifying value
satisfies [[a]] the validation condition; and

generating a response when the identifying value does not satisfy the validation
condition;

whereby the next instruction is verified dynamically before being executed.

36. (Currently amended) The tangible medium of claim 35,
wherein the validation condition is that the identifying value of the memory block
matches any reference value in the set of reference values.



37. (Currently amended) The tangible medium of claim 35,
wherein the validation condition is that the identifying value of the
memory block differs from each reference value in the set of reference
values.

38. (Currently amended) The tangible medium of claim 35,
wherein the identifying value is a hash value that is computed as a function of
contents of the memory block.

39. (Currently amended) The tangible medium of claim 38,
wherein some of the contents of the memory block are ignored when computing the
hash value, the ignored portion being defined by a sub-set selection structure.



40. (Currently amended) The tangible medium of claim 39,
wherein the sub-set selection structure is a mask.



Atty. Docket A43 






Application 10/791,602 



41. (Currently amended) The tangible medium of claim 35, wherein
the memory block is one of a plurality of separately addressable memory blocks and the method
further comprises:

for each of a plurality of the separately addressable
memory blocks, indicating in a structure [[of]] whether the memory block is
valid;

accessing the structure to determine whether the memory block is valid prior to the
determining of the identifying value; and

performing the determining of the identifying value when the structure does not indicate that
the memory block is valid and directly allowing execution of the next instruction when
the structure indicates that the memory block is valid.



42. (Currently amended) The tangible medium of claim 41, wherein
the structure comprises a group of hardware attribute indicators, and wherein the
indicating in the structure whether the plurality of memory blocks is valid comprises setting one
of the hardware attribute indicators corresponding to the
memory block.



43. (Currently amended) The tangible medium of claim 42, in which
the hardware attribute indicators are execute and write permission attributes associated with an
entry in a translation lookaside buffer.



44. (Currently amended) The tangible medium of claim 35, wherein
the structure comprises a software data structure, and wherein further comprising a software
module comprising computer-executable instructions for selecting for verification only a sample
of the next instructions.

45. (Canceled) 

46. (Currently amended) The tangible medium of claim 35, wherein:

the verification engine [[is]] resides in an intermediate
virtualization layer between a virtual machine and a hardware platform of the computer;

the next instruction is issued by the virtual machine; and

verifying of the next
instruction is performed while moving or translating in conjunction with binary translation
instructions for the virtual machine.

47. (Currently amended) The tangible medium of claim 46, wherein
the response
comprises switching the intermediate virtualization layer
to a binary translation mode.